diff options
| author | Adam Langley <agl@google.com> | 2015-04-01 11:29:03 -0700 |
|---|---|---|
| committer | ChromeOS Commit Bot <chromeos-commit-bot@chromium.org> | 2015-04-02 00:54:07 +0000 |
| commit | 9978e0aa0069697816a38c7dcc6a81be5975cab7 (patch) | |
| tree | c0c10132781c0a7bce5a26b70eb28beea8e97c73 | |
| parent | b5a439241fee558631d466cfa5203dd447504427 (diff) | |
| download | vboot-stabilize-6937.B.tar.gz | |
vboot: fix name-collision with OpenSSL.stabilize-6946.55.Bstabilize-6937.Brelease-R43-6946.B
vboot currently uses the |SHA256_CTX| name, which is claimed by OpenSSL.
To work around this, it defines OPENSSL_NO_SHA, but that can't be done
at compile time:
The OPENSSL_NO_* defines are set by OpenSSL to reflect the configuration
that it was built with so that users of OpenSSL can disable features as
needed. They can affect the contents of structures any thus the ABI of
the library.
If these defines are set outside of OpenSSL, then the library and the
code that uses it will have incompatible ABIs. At that point it's only
functioning by blind luck.
This change renames the name-collisions so that this hack isn't needed.
This is the same change as was made internally in cl/85758149.
BUG=none
BRANCH=none
TEST=emerge-samus coreboot; make runtests
Change-Id: I709da2507f341896d89d50129ce30ffb111a20d1
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/263506
Reviewed-by: Randall Spangler <rspangler@chromium.org>
| -rw-r--r-- | Android.mk | 6 | ||||
| -rw-r--r-- | firmware/lib/cryptolib/include/sha.h | 20 | ||||
| -rw-r--r-- | firmware/lib/cryptolib/sha256.c | 10 | ||||
| -rw-r--r-- | firmware/lib/cryptolib/sha512.c | 10 | ||||
| -rw-r--r-- | firmware/lib/cryptolib/sha_utility.c | 4 | ||||
| -rw-r--r-- | futility/cmd_create.c | 1 | ||||
| -rw-r--r-- | host/lib/host_key.c | 1 | ||||
| -rw-r--r-- | host/lib/host_signature.c | 1 | ||||
| -rw-r--r-- | host/lib/signature_digest.c | 1 | ||||
| -rw-r--r-- | host/lib/util_misc.c | 2 | ||||
| -rw-r--r-- | host/lib21/host_key.c | 1 | ||||
| -rw-r--r-- | host/lib21/host_signature.c | 1 | ||||
| -rw-r--r-- | utility/dumpRSAPublicKey.c | 1 |
13 files changed, 26 insertions, 33 deletions
@@ -24,8 +24,7 @@ LOCAL_C_INCLUDES += \ $(LOCAL_PATH)/firmware/lib/tpm_lite/include \ $(LOCAL_PATH)/firmware/2lib/include \ $(LOCAL_PATH)/host/include \ - $(LOCAL_PATH)/host/lib/include \ - external/openssl/include + $(LOCAL_PATH)/host/lib/include # Firmware library sources needed by VbInit() call VBINIT_SRCS = \ @@ -108,6 +107,7 @@ LOCAL_SRC_FILES := \ $(UTILLIB_SRCS) LOCAL_EXPORT_C_INCLUDE_DIRS := $(LOCAL_C_INCLUDES) +LOCAL_STATIC_LIBRARIES := libcrypto_static include $(BUILD_HOST_STATIC_LIBRARY) @@ -174,6 +174,6 @@ $(generated_sources)/futility_cmds.c: ${FUTIL_SRCS:%=${LOCAL_PATH}/%} LOCAL_GENERATED_SOURCES := $(generated_sources)/futility_cmds.c LOCAL_STATIC_LIBRARIES := libvboot_util-host -LOCAL_SHARED_LIBRARIES := libssl-host libcrypto-host +LOCAL_SHARED_LIBRARIES := libcrypto-host include $(BUILD_HOST_EXECUTABLE) diff --git a/firmware/lib/cryptolib/include/sha.h b/firmware/lib/cryptolib/include/sha.h index 3ff2b5b2..47a9e5ff 100644 --- a/firmware/lib/cryptolib/include/sha.h +++ b/firmware/lib/cryptolib/include/sha.h @@ -42,7 +42,7 @@ typedef struct { uint32_t len; uint8_t block[2 * SHA256_BLOCK_SIZE]; uint8_t buf[SHA256_DIGEST_SIZE]; /* Used for storing the final digest. */ -} SHA256_CTX; +} VB_SHA256_CTX; typedef struct { uint64_t h[8]; @@ -50,20 +50,20 @@ typedef struct { uint32_t len; uint8_t block[2 * SHA512_BLOCK_SIZE]; uint8_t buf[SHA512_DIGEST_SIZE]; /* Used for storing the final digest. */ -} SHA512_CTX; +} VB_SHA512_CTX; void SHA1_init(SHA1_CTX* ctx); void SHA1_update(SHA1_CTX* ctx, const uint8_t* data, uint64_t len); uint8_t* SHA1_final(SHA1_CTX* ctx); -void SHA256_init(SHA256_CTX* ctx); -void SHA256_update(SHA256_CTX* ctx, const uint8_t* data, uint32_t len); -uint8_t* SHA256_final(SHA256_CTX* ctx); +void SHA256_init(VB_SHA256_CTX* ctx); +void SHA256_update(VB_SHA256_CTX* ctx, const uint8_t* data, uint32_t len); +uint8_t* SHA256_final(VB_SHA256_CTX* ctx); -void SHA512_init(SHA512_CTX* ctx); -void SHA512_update(SHA512_CTX* ctx, const uint8_t* data, uint32_t len); -uint8_t* SHA512_final(SHA512_CTX* ctx); +void SHA512_init(VB_SHA512_CTX* ctx); +void SHA512_update(VB_SHA512_CTX* ctx, const uint8_t* data, uint32_t len); +uint8_t* SHA512_final(VB_SHA512_CTX* ctx); /* Convenience function for SHA-1. Computes hash on [data] of length [len]. * and stores it into [digest]. [digest] should be pre-allocated to @@ -95,8 +95,8 @@ uint8_t* internal_SHA512(const uint8_t* data, uint64_t len, uint8_t* digest); */ typedef struct DigestContext { SHA1_CTX* sha1_ctx; - SHA256_CTX* sha256_ctx; - SHA512_CTX* sha512_ctx; + VB_SHA256_CTX* sha256_ctx; + VB_SHA512_CTX* sha512_ctx; int algorithm; /* Hashing algorithm to use. */ } DigestContext; diff --git a/firmware/lib/cryptolib/sha256.c b/firmware/lib/cryptolib/sha256.c index 664b876c..128e3566 100644 --- a/firmware/lib/cryptolib/sha256.c +++ b/firmware/lib/cryptolib/sha256.c @@ -108,7 +108,7 @@ static const uint32_t sha256_k[64] = { /* SHA-256 implementation */ -void SHA256_init(SHA256_CTX *ctx) { +void SHA256_init(VB_SHA256_CTX *ctx) { #ifndef UNROLL_LOOPS int i; for (i = 0; i < 8; i++) { @@ -126,7 +126,7 @@ void SHA256_init(SHA256_CTX *ctx) { } -static void SHA256_transform(SHA256_CTX* ctx, const uint8_t* message, +static void SHA256_transform(VB_SHA256_CTX* ctx, const uint8_t* message, unsigned int block_nb) { uint32_t w[64]; uint32_t wv[8]; @@ -242,7 +242,7 @@ static void SHA256_transform(SHA256_CTX* ctx, const uint8_t* message, -void SHA256_update(SHA256_CTX* ctx, const uint8_t* data, uint32_t len) { +void SHA256_update(VB_SHA256_CTX* ctx, const uint8_t* data, uint32_t len) { unsigned int block_nb; unsigned int new_len, rem_len, tmp_len; const uint8_t *shifted_data; @@ -274,7 +274,7 @@ void SHA256_update(SHA256_CTX* ctx, const uint8_t* data, uint32_t len) { ctx->tot_len += (block_nb + 1) << 6; } -uint8_t* SHA256_final(SHA256_CTX* ctx) { +uint8_t* SHA256_final(VB_SHA256_CTX* ctx) { unsigned int block_nb; unsigned int pm_len; unsigned int len_b; @@ -317,7 +317,7 @@ uint8_t* internal_SHA256(const uint8_t* data, uint64_t len, uint8_t* digest) { const uint8_t* result; uint64_t remaining_len; int i; - SHA256_CTX ctx; + VB_SHA256_CTX ctx; SHA256_init(&ctx); diff --git a/firmware/lib/cryptolib/sha512.c b/firmware/lib/cryptolib/sha512.c index 96b2bef6..33d47a15 100644 --- a/firmware/lib/cryptolib/sha512.c +++ b/firmware/lib/cryptolib/sha512.c @@ -151,7 +151,7 @@ static const uint64_t sha512_k[80] = { /* SHA-512 implementation */ -void SHA512_init(SHA512_CTX *ctx) { +void SHA512_init(VB_SHA512_CTX *ctx) { #ifdef UNROLL_LOOPS_SHA512 ctx->h[0] = sha512_h0[0]; ctx->h[1] = sha512_h0[1]; ctx->h[2] = sha512_h0[2]; ctx->h[3] = sha512_h0[3]; @@ -169,7 +169,7 @@ void SHA512_init(SHA512_CTX *ctx) { } -static void SHA512_transform(SHA512_CTX* ctx, const uint8_t* message, +static void SHA512_transform(VB_SHA512_CTX* ctx, const uint8_t* message, unsigned int block_nb) { uint64_t w[80]; uint64_t wv[8]; @@ -263,7 +263,7 @@ static void SHA512_transform(SHA512_CTX* ctx, const uint8_t* message, } -void SHA512_update(SHA512_CTX* ctx, const uint8_t* data, +void SHA512_update(VB_SHA512_CTX* ctx, const uint8_t* data, uint32_t len) { unsigned int block_nb; unsigned int new_len, rem_len, tmp_len; @@ -296,7 +296,7 @@ void SHA512_update(SHA512_CTX* ctx, const uint8_t* data, ctx->tot_len += (block_nb + 1) << 7; } -uint8_t* SHA512_final(SHA512_CTX* ctx) +uint8_t* SHA512_final(VB_SHA512_CTX* ctx) { unsigned int block_nb; unsigned int pm_len; @@ -341,7 +341,7 @@ uint8_t* internal_SHA512(const uint8_t* data, uint64_t len, uint8_t* digest) { const uint8_t* result; uint64_t remaining_len; int i; - SHA512_CTX ctx; + VB_SHA512_CTX ctx; SHA512_init(&ctx); input_ptr = data; diff --git a/firmware/lib/cryptolib/sha_utility.c b/firmware/lib/cryptolib/sha_utility.c index 6c7aa493..38bce14d 100644 --- a/firmware/lib/cryptolib/sha_utility.c +++ b/firmware/lib/cryptolib/sha_utility.c @@ -21,12 +21,12 @@ void DigestInit(DigestContext* ctx, int sig_algorithm) { break; #endif case SHA256_DIGEST_ALGORITHM: - ctx->sha256_ctx = (SHA256_CTX*) VbExMalloc(sizeof(SHA256_CTX)); + ctx->sha256_ctx = (VB_SHA256_CTX*) VbExMalloc(sizeof(VB_SHA256_CTX)); SHA256_init(ctx->sha256_ctx); break; #ifndef CHROMEOS_EC case SHA512_DIGEST_ALGORITHM: - ctx->sha512_ctx = (SHA512_CTX*) VbExMalloc(sizeof(SHA512_CTX)); + ctx->sha512_ctx = (VB_SHA512_CTX*) VbExMalloc(sizeof(VB_SHA512_CTX)); SHA512_init(ctx->sha512_ctx); break; #endif diff --git a/futility/cmd_create.c b/futility/cmd_create.c index e3fafd30..6da59a7f 100644 --- a/futility/cmd_create.c +++ b/futility/cmd_create.c @@ -7,7 +7,6 @@ #include <stdio.h> #include <unistd.h> -#define OPENSSL_NO_SHA #include <openssl/pem.h> #include "2sysincludes.h" diff --git a/host/lib/host_key.c b/host/lib/host_key.c index 067a188e..fed579a2 100644 --- a/host/lib/host_key.c +++ b/host/lib/host_key.c @@ -7,7 +7,6 @@ /* TODO: change all 'return 0', 'return 1' into meaningful return codes */ -#define OPENSSL_NO_SHA #include <openssl/pem.h> #include <stdio.h> diff --git a/host/lib/host_signature.c b/host/lib/host_signature.c index 43766cfa..68eba295 100644 --- a/host/lib/host_signature.c +++ b/host/lib/host_signature.c @@ -7,7 +7,6 @@ /* TODO: change all 'return 0', 'return 1' into meaningful return codes */ -#define OPENSSL_NO_SHA #include <openssl/rsa.h> #include <stdio.h> diff --git a/host/lib/signature_digest.c b/host/lib/signature_digest.c index c9e721e4..dcc2cf26 100644 --- a/host/lib/signature_digest.c +++ b/host/lib/signature_digest.c @@ -3,7 +3,6 @@ * found in the LICENSE file. */ -#define OPENSSL_NO_SHA #include <openssl/pem.h> #include <stdio.h> diff --git a/host/lib/util_misc.c b/host/lib/util_misc.c index ecaf8ea3..03ec683f 100644 --- a/host/lib/util_misc.c +++ b/host/lib/util_misc.c @@ -5,7 +5,7 @@ * Miscellaneous functions for userspace vboot utilities. */ -#define OPENSSL_NO_SHA +#include <openssl/bn.h> #include <openssl/rsa.h> #include <stdio.h> diff --git a/host/lib21/host_key.c b/host/lib21/host_key.c index b18d018c..f7ea1622 100644 --- a/host/lib21/host_key.c +++ b/host/lib21/host_key.c @@ -7,7 +7,6 @@ #include <stdio.h> -#define OPENSSL_NO_SHA #include <openssl/pem.h> #include "2sysincludes.h" diff --git a/host/lib21/host_signature.c b/host/lib21/host_signature.c index 50cc8f0a..539a74bc 100644 --- a/host/lib21/host_signature.c +++ b/host/lib21/host_signature.c @@ -5,7 +5,6 @@ * Host functions for signatures. */ -#define OPENSSL_NO_SHA #include <openssl/rsa.h> #include "2sysincludes.h" diff --git a/utility/dumpRSAPublicKey.c b/utility/dumpRSAPublicKey.c index e97fa027..b3b7b96b 100644 --- a/utility/dumpRSAPublicKey.c +++ b/utility/dumpRSAPublicKey.c @@ -8,7 +8,6 @@ * /tools/DumpPublicKey.java). Uses the OpenSSL X509 and BIGNUM library. */ -#define OPENSSL_NO_SHA #include <openssl/pem.h> #include <stdint.h> |